Apache2.2 代理 https 搭建 CA.sh创建失败。在线等!!
CA certificate filename (or enter to create)
Making CA certificate …
Generating a 1024 bit RSA private key
…………………………++++++
………..++++++
writing new private key to ‘./demoCA/private/./cakey.pem’
Enter PEM pass phrase:
Verifying – Enter PEM pass phrase:
—–
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [GB]:cn
State or Province Name (full name) [Berkshire]:cn
Locality Name (eg, city) [Newbury]:cn
Organization Name (eg, company) [My Company Ltd]:cn
Organizational Unit Name (eg, section) []:cn
Common Name (eg, your name or your server’s hostname) []:sslserver
Email Address []:test@gmail.com
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:****************
An optional company name []:
unknown option -create_serial
usage: ca args
-verbose – Talk alot while doing things
-config file – A config file
-name arg – The particular CA definition to use
-gencrl – Generate a new CRL
-crldays days – Days is when the next CRL is due
-crlhours hours – Hours is when the next CRL is due
-startdate YYMMDDHHMMSSZ – certificate validity notBefore
-enddate YYMMDDHHMMSSZ – certificate validity notAfter (overrides -days)
-days arg – number of days to certify the certificate for
-md arg – md to use, one of md2, md5, sha or sha1
-policy arg – The CA ‘policy’ to support
-keyfile arg – private key file
-keyform arg – private key file format (PEM or ENGINE)
-key arg – key to decode the private key if it is encrypted
-cert file – The CA certificate
-in file – The input PEM encoded certificate request(s)
-out file – Where to put the output file(s)
-outdir dir – Where to put output certificates
-infiles …. – The last argument, requests to process
-spkac file – File contains DN and signed public key and challenge
-ss_cert file – File contains a self signed cert to sign
-preserveDN – Don’t re-order the DN
-noemailDN – Don’t add the EMAIL field into certificate’ subject
-batch – Don’t ask questions
-msie_hack – msie modifications to handle all those universal strings
-revoke file – Revoke a certificate (given in file)
-subj arg – Use arg instead of request’s subject
-extensions .. – Extension section (override value in config file)
-extfile file – Configuration file with X509v3 extentions to add
-crlexts .. – CRL extension section (override value in config file)
-engine e – use engine e, possibly a hardware device.
-status serial – Shows certificate status given the serial number
-updatedb – Updates db for expired certificates
上面的到底是什么问题?
谢谢!!
unknown option -create_serial
这句是关键….